Skip to main content

Don’t be afraid of the big, bad Apple ‘Touch ID’ hack

iphone fingerprint unlocking texas 5s touchid
Image used with permission by copyright holder

Apple’s Touch ID fingerprint sensor, used to unlock the new iPhone 5S, can be tricked using a “fake finger,” according to a hacker group that claims to have broken the biometric security feature. If true, the hack undermines Apple’s assertions that Touch ID provides stronger security for iPhone users than the iPhone’s 4-digit pin lock – but don’t fret: Touch ID is still a valuable feature.

Before we get into why this isn’t that big of a deal, here’s how the anti-biometrics hacker group, Chaos Computer Club (CCC), successfully bypassed Touch ID, in their own words:

First, the fingerprint of the enroled (sic) user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.

As you can see, the hack requires that whoever wants access to the device has the ability to take a high-resolution scan of the phone owner’s fingerprint, then print that out using a high-res scanner – not exactly an easy feat, or one that is easily repeatable in everyday life (as opposed to CCC’s intentional test of the security system, in which all parties were presumably complicit). Still, according to CCC spokesman Frank Rieger, the fact that this hack is possible should dispel “the illusions people have about fingerprint biometrics.”

“The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access,” he added.

While it is disappointing that someone was able to trick Touch ID using simple methods, there are a number of reasons to take this hack with a grain of salt.

First, the easy-to-use nature of Touch ID is sure to increase the number of iPhone owners who lock their devices. Before the release of the iPhone 5S, a mere 50 percent of users locked their devices at all. Now that Touch ID is an option, that number will almost certainly increase.

Second, the CCC hack, though doable, is still a giant pain in the ass. Most thieves, I’d guess, do not have the knowledge, skill, tools, patience, or wherewithal to recreate the CCC hack. So if you’re device gets stolen, Touch ID will still do its job just fine.

Third, Touch ID still provides ample protection from the people we most want to keep out: Snooping family member, roommates, co-workers, and other people close to us. On that front, it keeps people out better than the 4-digit pin without the minor hassle of entering the pin every time the device is used.

Finally, as it’s currently configured, it is still possible to access a locked iPhone 5S using only the 4-digit pin – just swipe the screen, and the 4-digit pin unlock option appears, no fingerprint needed. Apple can, presumably, add an option to iOS 7 that allows a user to require both the fingerprint scan and the 4-digit pin to unlock the device. Do that, and the CCC hack will no longer work. I’d guess Apple will release this option once more people have become comfortable with Touch ID.

There are other reasons to be concerned about Touch ID. Minnesota Democrat Sen. Al Franken recently detailed some of them in a letter about the feature to Apple CEO Tim Cook. But the CCC hack just isn’t something to lose sleep over.

Editors' Recommendations

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
I replaced my Apple Watch with a Garmin — and I don’t want to go back
Apple Watch Series 7 next to the Garmin Forerunner 265.

The Apple Watch has been my go-to wearable for years. I began my journey with the Apple Watch Series 1 in 2017, upgraded to the Apple Watch Series 4 shortly after it launched, and then jumped to the Apple Watch Series 7 in 2021. It's long been my smartwatch platform of choice, and I've never had any desire to switch to something else.

At least, that's what I thought before I began using a Garmin smartwatch. I started testing the Garmin Forerunner 265 earlier this year, and I went into it with a pretty clear plan: I'd wear the watch for a couple of weeks, write my review, and move back to the Apple Watch. Fast forward to now, and my Garmin Forerunner 265 review has been published, no further testing is required, and nothing is stopping me from returning to my Apple Watch. But here's the thing — I don't want to. Garmin's watch is so good that I have no desire to put the Apple Watch back on my wrist, and there are a few big reasons why.
The surprising importance of buttons

Read more
I don’t understand why Apple hates the 10th Gen iPad so much
Apple iPad Gen 10 with the official keyboard accessory.

I love using the iPad as my primary computer. No self-respecting digital nomad should be allowed to say those words. At least not in 2022, when iPadOS is still miles behind macOS, primarily because of Apple’s walled-garden approach to the iPad app ecosystem.

But after spending well over $800 on the whole kit with the new Magic Keyboard Folio and Apple Pencil, maybe I’ve downed the bitter potion of its cons and learned to love it. Or, to put it more accurately, be at peace with its limitations. Whatever way you put it, this sleek tablet is impressive, and infuriating, to the same measure.
Performance champ, middling execution

Read more
The 9 best iPhones of all time that changed everything
The iPhone 14 Pro and iPhone 13 Pro seen from the back.

The iPhone is one of the most important pieces of tech of all time. Do you remember the world of cell phones before the iPhone launched? You know, when wireless application protocol (WAP -- no, not the song by Cardi B) browsers were dominant, people still made phone calls instead of primarily texting, and cellular cameras were just a couple of megapixels? Sure, there were smartphones at the time — such as BlackBerry and Palm Treo — but these were more suited for business, rather than personal use.

But when Steve Jobs announced the iPhone in 2007, everything changed. Jobs touted the iPhone as a revolutionary 3-in–1 mobile device: “It’s a phone, it’s a camera, it’s an iPod.” Though it was mocked by some like Steve Ballmer, who thought it would never sell, the iPhone quickly took off and became one of the most popular smartphones to this day. You could even say that Android may not exist (at least not in its current form) if it weren’t for the first iPhone.

Read more